Scareware Creeps

Lurkers, flamers and assorted troublemakers love to fight over the meaning of "hacker." Some claim hackers are skilled users who push the envelope -- and should be looked up to. The subtler ones create gradations of meaning: white, gray and black hat.

I like things simple. To me a hacker is someone who messes with another's computer. Based on that, I hate hackers.

My first personal experience was in the late '80s as Editor in Chief of AmigaWorld magazine. Users from all over the world sent us software to try. We even sold disks packed with utilities, images and sounds every month.

My first virus came from a Swedish floppy, and many soon followed. Next thing I knew, many of our computers were a mess. Our answer was to set up floppy-only systems to test the software before sending it off to readers or using it ourselves.

Then came spyware, which first appeared on the Amiga as software that laid in wait and then took over your screen with a screeching skull.

About 20 years later scareware is alive and well. My biggest scareware hit was three and a half years ago when my son Nick's PC got a pop-up claiming to have found all manner of viruses. He called for help. I took over, never clicked the message, but bad stuff started happening anyway. Milliseconds later pop-ups were flying everywhere, including what seemed like an ordinary Microsoft error message.

I lost all admin rights and a working Task Manager, and Add/Remove programs suddenly stopped working. Desperate, I ran multiple scans, such as Microsoft Anti-Malware, as well as anti-spyware and anti-virus tools.

The battle commenced as my tools deleted bad code only to be beaten back by more pop-ups. Finally there was a bit of a detente and the pop-ups calmed down, but performance was still crippled. I was looking at an hours-long manual file cleanup, or I could just reformat and start over. As it was a spare computer with no critical documents, I just wiped her clean and started fresh.

The culprit was SpySherrif, which had the audacity to have an actual Web site offering to sell me tools to fix the computer SpySherrif itself broke!

I'll never forget this incident or forgive those that infected me. Longtime readers might remember I covered some of this ground in one of my first-ever Redmond magazine columns.

Here's what we, as a community, need to do about scareware:

Public policy: Push the federal government and international law authorities to enact and enforce tougher laws.

Fight back: Report these creeps and push vendors such as Microsoft to pursue them. Microsoft, to its tremendous credit, has sued many scareware makers, but there are many more to be had.

Microsoft is planning to activate "Insights for MyAnalytics" sometime late this month for most Office 365 users, but the ability of organizations to manage this feature won't be available until possibly mid-May.